Step 1 |
enable
Example:
Switch# enable
|
Enters privileged EXEC mode.
|
Step 2 |
configure terminal
Example:
Switch# configure terminal
|
Enters global configuration mode.
|
Step 3 | ap dot1x username user_name_value password 0 password_value
Example:
Switch(config)# ap dot1x username AP3 password 0
password
|
Configures the global authentication username and password for all access points that are currently joined to the switch and any access points that join the switch in the future. This command contains the following keywords and arguments:
username—Specifies an 802.1X username for all access points.
user-id—Username.
password—Specifies an 802.1X password for all access points.
0—Specifies an unencrypted password.
8—Specifies an AES encrypted password.
passwd—Password.
Note
| You must enter a strong password for the password parameter. Strong passwords are at least eight characters long, contain a combination of uppercase and lowercase letters, numbers, and symbols, and are not a word in any language.
|
|
Step 4 | end
Example:Switch(config)# end
| Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.
|
Step 5 | ap name Cisco_AP dot1x-user username username_value password password_value
Example:Switch# ap name AP03 dot1x-user
username apuser1 password appass
| Overrides the global authentication settings and assigns a unique username and password to a specific access point. This command contains the following keywords and arguments:
username—Specifies to add a username.
user-id—Username.
password—Specifies to add a password.
0—Specifies an unencrypted password.
8—Specifies an AES encrypted password.
passwd—Password.
Note
| You must enter a strong password for the password parameter. See the note in Step 2 for the characteristics of strong passwords.
|
The authentication settings that you enter in this command are retained across switch and access point reboots and whenever the access point joins a new switch.
|
Step 6 |
configure terminal
Example:
Switch# configure terminal
|
Enters global configuration mode.
|
Step 7 | no ap dot1x username user_name_value password 0 password_value
Example:Switch(config)# no ap dot1x username
dot1xusr password 0 dot1xpass
| Disables 802.1X authentication for all access points or for a specific access point.
The following message appears after you execute this command: “AP reverted to global username configuration.”Note
| You can disable 802.1X authentication for a specific access point only if global 802.1X authentication is not enabled. If global 802.1X authentication is enabled, you can disable 802.1X for all access points only.
|
|
Step 8 | end
Example:Switch(config)# end
| Returns to privileged EXEC mode. Alternatively, you can also press Ctrl-Z to exit global configuration mode.
|
Step 9 | show ap summary
Example:Switch# show ap summary
| Displays the authentication settings for all access points that join the switch.
Note
| If global authentication settings are not configured, the Global AP Dot1x User Name text box shows “Not Configured.”
|
|
Step 10 | show ap name Cisco_AP config general
Example:Switch# show ap name AP02 config general
| Displays the authentication settings for a specific access point.
Note
| If this access point is configured for global authentication, the AP Dot1x User Mode text boxes shows “Automatic.” If the global authentication settings have been overwritten for this access point, the AP Dot1x User Mode text box shows “Customized.”
|
|